CVE-2023-53869
Unknown Unknown - Not Provided
File Upload Vulnerability in WEBIGniter Enables Remote Code Execution

Publication date: 2025-12-15

Last updated on: 2025-12-15

Assigner: VulnCheck

Description
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-15
Last Modified
2025-12-15
Generated
2026-06-16
AI Q&A
2025-12-15
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53869
EUVD
EUVD-2025-203436
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
webigniter webigniter 28.7.23
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2023-53869 is a file upload vulnerability in WEBIGniter version 28.7.23 that allows authenticated users to upload malicious PHP files through the media upload function. These uploaded PHP scripts can then be executed on the server, enabling remote code execution (RCE). This means that any user with an account can exploit this flaw to run arbitrary code on the application server, potentially compromising the system. [1, 2]

Impact Analysis

This vulnerability can have severe impacts including unauthorized remote code execution on the server hosting the WEBIGniter application. Attackers can upload and execute malicious PHP scripts, which may lead to full system compromise, data theft, service disruption, or further attacks within the network. Because the attack requires only an authenticated user account, any user with access can exploit this vulnerability, making it highly dangerous. [1, 2]

Detection Guidance

This vulnerability can be detected by attempting to upload a PHP file through the media upload function using an authenticated account. For example, uploading a simple PHP payload such as `<?php phpinfo(); ?>` and then accessing the uploaded file to see if it executes can confirm the vulnerability. Commands to test this might include using curl or wget to upload the PHP file via HTTP POST to the media upload endpoint, followed by accessing the uploaded file URL to check for execution. Specific commands are not provided in the resources, but the exploit-db resource includes proof-of-concept exploits and reproduction instructions demonstrating this approach. [2]

Mitigation Strategies

Immediate mitigation steps include restricting or disabling the media file upload functionality for authenticated users until a patch is applied, validating and sanitizing uploaded files to prevent PHP or other executable files from being uploaded, and monitoring for any suspicious uploads or execution attempts. Additionally, applying any available patches or updates from the vendor as soon as they are released is critical. Since the vulnerability allows remote code execution via uploaded PHP files, preventing the upload or execution of such files is essential. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53869. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart